Fix it so NSEC and NSEC3 records will not include DNSKEY in the typemap if there...

diff --git a/pdns/packethandler.cc b/pdns/packethandler.cc
index 197bab40a55d99a5c124b01353a6240938753978..b37ca9d83cce59f1aaa5e8c2596659c7214c8b10 100644 (file)
--- a/pdns/packethandler.cc
+++ b/pdns/packethandler.cc
@@ -506,7 +506,10 @@ void PacketHandler::emitNSEC(std::unique_ptr<DNSPacket>& r, const SOAData& sd, c
   nrc.set(QType::RRSIG);
   if(sd.qname == name) {
     nrc.set(QType::SOA); // 1dfd8ad SOA can live outside the records table
-    nrc.set(QType::DNSKEY);
+    auto keyset = d_dk.getKeys(name);
+    if (!keyset.empty()) {
+      nrc.set(QType::DNSKEY);
+    }
     string publishCDNSKEY;
     d_dk.getPublishCDNSKEY(name, publishCDNSKEY);
     if (publishCDNSKEY == "1")
@@ -555,7 +558,10 @@ void PacketHandler::emitNSEC3(std::unique_ptr<DNSPacket>& r, const SOAData& sd,
     if (sd.qname == name) {
       n3rc.set(QType::SOA); // 1dfd8ad SOA can live outside the records table
       n3rc.set(QType::NSEC3PARAM);
-      n3rc.set(QType::DNSKEY);
+      auto keyset = d_dk.getKeys(name);
+      if (!keyset.empty()) {
+        n3rc.set(QType::DNSKEY);
+      }
       string publishCDNSKEY;
       d_dk.getPublishCDNSKEY(name, publishCDNSKEY);
       if (publishCDNSKEY == "1")